cedricAbonnel/scripts-bash
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
78e2f5ea1ece04191ca4d839f4f83daa86ae2ebe
scripts-bash/servers/linux/monitoring/bin/install-monitoring.sh
Cédrix ae0c8f95cb ecriture en PHP
2026-03-16 22:14:35 +01:00

157 lines
4.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Copyright (C) 2026 Cédric Abonnel
# License: GNU Affero General Public License v3
set -euo pipefail
# --- Configuration ---
BASE_DIR="/opt/monitoring"
CONF_DIR="${BASE_DIR}/conf"
LOG_DIR="/var/log/monitoring"
STATE_DIR="/var/lib/monitoring"
LOCK_DIR="/var/lock/monitoring"
TMP_DIR="/tmp/monitoring-install"
UPDATE_BASE_URL="https://git.abonnel.fr/cedricAbonnel/scripts-bash/raw/branch/main/servers/linux/monitoring"
MANIFEST_URL="${UPDATE_BASE_URL}/manifest.txt"
INSTALL_DEPS="${INSTALL_DEPS:-true}"
# --- Fonctions ---
require_root() {
if [ "${EUID}" -ne 0 ]; then
echo "ERREUR: Ce script doit être exécuté en root." >&2
exit 1
fi
}
install_deps() {
if [ "${INSTALL_DEPS}" != "true" ]; then
return 0
fi
echo "--- Installation des dépendances ---"
if command -v apt-get >/dev/null 2>&1; then
apt-get update
apt-get install -y curl coreutils findutils grep sed gawk util-linux ca-certificates
# Ajout des modules PHP nécessaires pour vos scripts (curl pour ntfy)
apt-get install -y php-cli php-curl php-common
else
echo "AVERTISSEMENT: Gestionnaire de paquets apt non détecté. Assurez-vous que php-cli et php-curl sont installés."
fi
}
prepare_dirs() {
echo "--- Préparation des répertoires ---"
mkdir -p "${BASE_DIR}/bin" "${BASE_DIR}/lib" "${CONF_DIR}" "${LOG_DIR}" "${STATE_DIR}" "${LOCK_DIR}" "${TMP_DIR}"
chmod 755 "${BASE_DIR}" "${CONF_DIR}" "${LOG_DIR}" "${STATE_DIR}" "${LOCK_DIR}"
}
fetch_manifest() {
echo "--- Récupération du manifeste ---"
curl -fsS "${MANIFEST_URL}" -o "${TMP_DIR}/manifest.txt"
}
validate_manifest() {
# Validation du format : Hash Mode Chemin
# Exemple : a1b2... 755 bin/script.php
awk '
NF == 3 &&
$1 ~ /^[0-9a-fA-F]{64}$/ &&
$2 ~ /^(644|755|600)$/ &&
$3 ~ /^(bin|lib|conf)\/[A-Za-z0-9._\/-]+$/ &&
$3 !~ /\.\./
' "${TMP_DIR}/manifest.txt"
}
download_one() {
local expected_hash="$1"
local mode="$2"
local rel_path="$3"
local url="${UPDATE_BASE_URL}/${rel_path}"
local dst="${BASE_DIR}/${rel_path}"
# On ignore le téléchargement si c'est un fichier de conf qui existe déjà
if [[ "$rel_path" == conf/* ]] && [ -f "$dst" ]; then
echo "Skip: $rel_path (existe déjà)"
return 0
fi
echo "Téléchargement: $rel_path"
local tmp_file
tmp_file="$(mktemp "${TMP_DIR}/file.XXXXXX")"
if ! curl -fsS "$url" -o "$tmp_file"; then
echo "ERREUR: Échec du téléchargement de ${url}" >&2
rm -f "$tmp_file"
return 1
fi
local got_hash
got_hash="$(sha256sum "$tmp_file" | awk '{print $1}')"
if [ "$got_hash" != "$expected_hash" ]; then
echo "ERREUR: Hash invalide pour ${rel_path}" >&2
rm -f "$tmp_file"
return 1
fi
mkdir -p "$(dirname "$dst")"
mv -f "$tmp_file" "$dst"
chmod "$mode" "$dst"
}
install_from_manifest() {
echo "--- Installation des fichiers ---"
while read -r hash mode rel_path; do
[ -n "${hash:-}" ] || continue
download_one "$hash" "$mode" "$rel_path"
done < "${TMP_DIR}/manifest-valid.txt"
}
show_next_steps() {
cat <<EOF
Installation terminée avec succès dans ${BASE_DIR}.
Étapes suivantes :
1. Configurez vos alertes :
cp ${CONF_DIR}/alert-engine.conf.php ${CONF_DIR}/alert-engine.local.conf.php
nano ${CONF_DIR}/alert-engine.local.conf.php
2. Initialisez la configuration globale :
cp ${CONF_DIR}/monitoring.conf.php ${CONF_DIR}/monitoring.local.conf.php
3. Lancez un audit des configurations :
php ${BASE_DIR}/bin/monitoring-update-config.php
4. Planifiez les tâches (cron) :
*/5 * * * * php ${BASE_DIR}/bin/alert-engine.php
10 3 * * * php ${BASE_DIR}/bin/monitoring-update.php
EOF
}
# --- Main ---
main() {
require_root
install_deps
prepare_dirs
fetch_manifest
if ! validate_manifest > "${TMP_DIR}/manifest-valid.txt"; then
echo "ERREUR: Le manifeste est invalide ou corrompu." >&2
exit 1
fi
install_from_manifest
# Nettoyage
rm -rf "${TMP_DIR}"
show_next_steps
}
main "$@"
Reference in New Issue View Git Blame Copy Permalink